Susan Bradley

Contributing Writer

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Windows Secrets, is a moderator on the PatchManagement.org listserve and SBS2k, and was one of the authors of Windows Server 2008 Security Resource Kit. . In real life she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, an Exchange Server, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at www.sbsdiva.com and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.

How to update Windows 10 for side channel vulnerability fixes

How to identify, prevent and remove rootkits in Windows 10

How to identify, prevent and remove rootkits in Windows 10

Rootkits are among the most difficult malware to detect and remove. Now, new variations are targeting Windows 10 systems. Use this advice to protect yourself from them.

How to prevent and recover from an APT attack through a managed service provider

How to prevent and recover from an APT attack through a managed service provider

Threat actors are compromising their targeted victims through managed service providers (MSPs). These are the steps to take to minimize your exposure and to recover from these attacks if necessary.

How to harden Windows 10 workstations and servers: Disable SMB v1

How to harden Windows 10 workstations and servers: Disable SMB v1

Early versions of Server Message Block are still present on many Windows networks and devices, leaving them open to attack. Here's how to detect and disable them.

How to defend Office 365 from spear-phishing attacks

How to defend Office 365 from spear-phishing attacks

A recent successful zero-day Flash attack began with a spear-phishing email. These Windows 10 and Office 365 settings could have prevented it.

Center for Internet Security releases Microsoft 365 benchmarks

Center for Internet Security releases Microsoft 365 benchmarks

Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization.

How to enable audit logs in Microsoft Office 365

How to enable audit logs in Microsoft Office 365

Audit logging of Office 365 mail reads makes forensics investigations of attacks much easier. Here's how to make sure it's enabled.

Best resources for setting up Microsoft Office 365 security

Best resources for setting up Microsoft Office 365 security

Office 365 presents admins with many choices and options. These information sources, online forums and script repositories can help you make the right decisions.

How to set Microsoft Office 365 ATP policies to block malicious URLs

How to set Microsoft Office 365 ATP policies to block malicious URLs

Windows Advanced Threat Protection allows admins to set link filters for email messages and attachments in Outlook.

How to set up data loss prevention rules in Microsoft Office 365

How to set up data loss prevention rules in Microsoft Office 365

Most data leakage occurs via emai. Set Office 365 DLP policies to stop sensitive data from leaving your organization.

How to set up multifactor authentication for Office 365 users

How to set up multifactor authentication for Office 365 users

Requiring MFA for some or all Microsoft Office 365 users will better protect your network and email system from attacks.

How to stop malicious email forwarding in Outlook

How to stop malicious email forwarding in Outlook

Microsoft Office 365 administrators can use these settings to find and delete hidden rules attackers use to intercept Outlook email messages.

Load More